hello,
I have a usb-stick in my openWRT, that I would like to use to share some files.
Is there an App, that lets me Up-/Download Files via the Luci Webitnerface?
Would Next-/Owncloud run smoothly on my TP-Link 1043ND ?
No, NextCloud and similar need a relatively powerful database as well as being very demanding in terms of compute power, including generation of thumbnails. An application of that scale is far beyond the capabilities of a device with only 64 MB of RAM and a single-core MIPS SoC. Running it on a Raspberry Pi or the like would be a much better option.
1 Like
If you are talking about accessing the USB from the LAN then you could use SMB shares for Windows. For Linux you probably have more options.
For accessing the USB form internet, FTP is probably the most straightforward solution. You could use a DDNS service if you have a dynamic IP.
What @Hegabo suggested should work in general. However, be aware that exposing the share to the internet, especially with older protocols like FTP may cause significant security risks. And consider the amount of bandwidth/traffic that will be used by this share -- it could easily overwhelm the capabilities of the router.
Another solution might just be to use one of any number of commercial solutions out there (Dropbox, Google Drive, etc.)
1 Like
Yes, I wanna share over the Internet, so SMB wont work as id like to use it without VPN connection.
Is there like a web-based FTP-Clientas luci app, that can use OpenWRT as the Server?
Basically I just want to connect to Luc via HTTPS and then be able to access my files.
Even more than FTP, the web server in OpenWrt is not security hardened and it is a very bad idea to expose it to the internet (the server is light weight so it can run smoothly on low-power devices, it does not have a robust security model intended to handle attacks from the internet). If you insist on doing so, it is highly recommended that you use a non-standard port and that you have a very strong password. FWIW, https will not protect your router from attacks -- it is used to secure the connection between the client and server, not to protect the server itself.
3 Likes
As for what @psherman mentioned, I don't know the significance of the security concerns for you. For me when I put something on the share it's usually not something that anybody would try any hard to get (nor would I worry if they did).
Anyway, if you are not too worried about security issues, and we are talking about FTP then you don't need to access LuCi for that at all. Once the share is available, you can access it using any FTP client, file browser, or even web browser (for reading).
As @psherman pointed out, using a non-standard port and strong password can make it a bit more secure. And if you are going to expose something to internet, then you better expose the FTP share rather than the whole router.
1 Like
Writable "shares" pose even more problems than readable ones -- From simply filling up your disk and potentially locking up your router through someone using your machine to distribute illegal content, to malicious content targeted at you, there are plenty of reasons not to allow anything to be written on the share.
2 Likes
But why would someone go into the trouble (or luck) to figure out my IP (or DDNS URL), my port number and my password to put something on my share?
I understand there are risk, but probably not significant for the average user who isn't a target for hackers and at the same time skilled enough to notice when someone put malicious content.
1 Like
As soon as you connect to the Internet, you are every bit as interesting to a hacker as any of the other over 500,000 compromised routers out there that are likely under control of "sophisticated, state-backed actors" as they put it these days (that's just from one threat). Home routers are usually comparatively easy to crack, even with what you consider a strong password and can be scanned at astounding rates, especially when they've already compromised their first dozen -- the amplification factor is pretty impressive. I might have bought that argument in the days of 28.8 kbps modems, but those days are long gone, with speeds in the hundreds of mbps common.
4 Likes
Aside from the state-backed attackers, there is also a huge number of criminal attackers, who use their botnet to scam advertising agencies, inserting ads into your web-browsing (both for monetary gain and attacking the systems behind your router), extorting money from third parties (or they'll use their botnet to dDoS their websites), distribute software or media illegally, etc. pp. It's easy to scan large chunks of the internet for open ports these days (and non-standard ports don't help at all, those just reduce the logspam slightly) and attack potentially interesting ones. These attackers generally don't care about you, but they do care (a lot) about adding another vulnerable zombie to their botnet, because botnet size matters.
4 Likes
Ok you convinced me, Ill just use VPN and then share my things 
2 Likes
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.